usbnet(9): Tighten tx path.
1. Verify, don't just assert, that the packet length is below the
buffer size. Even if all the callers enforce the interface's MTU,
I can't prove that the usbnet(9) tx buffer size is an upper bound
enforced on the interface's MTU.
We can remove the check later if we do enforce that upper bound at
some point, which would probably be worth doing anyway since the
MTU is checked earlier in the tx path.
2. Assert, don't check, that c->unc_xfer is nonnull. We can only
reach the tx path if we cross if_init=usbnet_init_rx_tx, and that
(via usbnet_tx_list_init) is guaranteed to fail and back out
unless all of the usbnet_chain unc_xfers get initialized.
3. If we can't fit the packet into a buffer, drop it -- don't leave
it in the queue to try again when it still won't fit in the
buffer.
[7 lines not shown]
devel/abeil: Explain CXX requirements
This package is unusual, in that it's for c++17, but also has some
c++20 things that are auto-turned-on if compiled under c++20.
Explain the rationale for the C++ settings.
(This is a comment-only change.)
emulators/free42: Update to 3.3.11
2026-01-13: release 3.3.11
* Added statistics sums to STAT->Σ and CATALOG->STAT menus.
2025-10-28: release 3.3.10
* Fixed crash in menu logic.
2025-10-15: release 3.3.9
* When a new program was created by inserting END, the new program could end up
being locked initially. Fixed.
* Linux version: Fixed beeper when running under Wayland.
* Linux version: Replaced built-in XPM icons with PNG ones, for compatibility
with certain recent Linux distros.
* Windows and MacOS versions: Made the links in the About box more obviously
clickable.
[14 lines not shown]
x11/xephem: Update to 4.2.0
* 4.2.0
Elwood himself has contributed a new option that lets you switch XEphem from giving your telescope J2000 coordinates to giving it equinox-of-date coordinates.
Sky View: the mouse wheel now zooms the view in and out.
Sky View: DSS image download has been fixed by upgrading to HTTPS, and the window should no longer awkwardly resize once the image arrives.
Data » Download: added the URL of the Celestrak “visual.txt” file.
Data » Download: replaced “ftp.lowell.edu” with modern HTTPS.
Data » Field Stars: François Meyer added support for the ucac5 catalog.
The precession formula has been updated to the one from the 2000 Astronomical Almanac.
A couple of compilation problems on modern Mac machines have been fixed.
XEphem now uses more modern SSL setup routines if the code detects it’s being compiled against OpenSSL ≥1.1.
Closing the INDI window with your window manager’s “Close” button no longer crashes XEphem.
All references to “celestrak.com” have been changed to their new hostname “celestrak.org”.
A few other small fixes.
[28 lines not shown]
expat: update to 2.7.4.
Release 2.7.4 Sat January 31 2026
Security fixes:
#1131 CVE-2026-24515 -- Function XML_ExternalEntityParserCreate
failed to copy the encoding handler data passed to
XML_SetUnknownEncodingHandler from the parent to the new
subparser. This can cause a NULL dereference (CWE-476) from
external entities that declare use of an unknown encoding.
The expected impact is denial of service. It takes use of
both functions XML_ExternalEntityParserCreate and
XML_SetUnknownEncodingHandler for an application to be
vulnerable.
#1075 CVE-2026-25210 -- Add missing check for integer overflow
related to buffer size determination in function doContent
Bug fixes:
#1073 lib: Fix missing undoing of group size expansion in doProlog
failure cases
[58 lines not shown]
